Exercise – BGP and IGP interactions

A company has a site in Europe and another one in Mexico. They are interconnected by a private leased line. Each site is locally connected to an ISP (ISP-EU in Europe and ISP-MX in mexico). Border routers are respectively ER-EU in Europe and ER-MX in Mexico. Providers have allocated prefixes α in Europe and β in Mexico. Providers are doing in-gress filtering (i.e. a packet with a source address non allocated by a provider is discarded by the first provider router).

In the rest of the document, a host A (resp. B) will designate a host in Internet (outside company network) close to the ISP-MX (resp. ISP-EU) with a metric linked to BGP announcement. C (resp. D) will represent an equipment in the Mexican (resp. european) part of the company network.

Inside the site, an IGP routing protocol allows all routers to know all internal prefixes.

Question 1 What are the differences between IPv4 and IPv6 in term of multi-homing.

Question 2 What is α and β nature? (PI or PA)?

Question 3 Is it possible to assign private IPv4 prefixes to the router’s interface managing the link between Europe and Mexico?

Question 4 Will prefixes α and β be stored as is in the core muting tables?

Question 5 Does the company need a public AS number to establish a link with BGP providers routers? Is it necessary to establish a iBGP peering between both company BGP routers?

Question 6 How will react the Mexican ISP, if the Mexican site announces all the prefixes collected by its IGP?

Question 7 Do the border routers have to announce inside the company network the totality of prefixes learnt from the IGP? What should be announced?

Question 8 In this configuration, why it is not necessary to send default routes from one site to another?

The company makes some agreement with ISPs to change in-gress filtering rules. They now include all the prefixes allocated by the different ISPs (note that this is not in the policy of current ISPs) .

Question 9 Is it useful to announce the default route over the atlantic link. If the Mexican ISP is unreachable: can C join A? can A join C?

Question 10 What should do the company to allow full connectivity, even in case of failure of one of its ISP?

We suppose now that ISPs agreed to announce through BGP, prefixes allocated by other providers.

Question 11 What are the consequences on core network routing tables?

Question 12 Which parameters have the greatest impact on route selections: prefix length or AS path length?

Question 13 Give a simple solution that force the traffic leaving to the Internet to go through the atlantic link only in case of failure of one ISP.

RFC 226O proposes one alternative :

When an enterprise border router connected to a particular ISP determines that the connectivity between the enterprise and the Internet is up through all of its ISPs, the router advertises (to the border router of that ISP) reachability to only the address prefix that the ISP allocated to the enterprise. This way in a steady state routes injected by the enterprise into its ISPs are aggregated by these ISPs, and are not propagated into the “default-free” zone of the Internet.

When an enterprise border router connected to a particular ISP determines that the connectivity between the enterprise and the Internet through one or more of its other ISPs is down, the router starts advertising reachability to the address prefixes that was allocated by these ISPs to the enterprise. This would result in injecting additional routing information into the “default-free” zone of the Internet. However, one could observe that the probability of all multi-homed enterprises in the Internet concurrently losing connectivity to the Internet through one or more of their ISPs is fairly small. Thus on average the number of additional routes in the “default-free” zone of the Internet due to multi-homed enterprises is expected to be a small fraction of the total number of such enterprises.

Question 14 What is a “default-free” zone, Why this solution reduces the number of entries in core routing tables ?

RFC states :

One such possible mechanism could be provided by BGP [RFC1771]. In this case border routers within the enterprise would have an IBGP peering with each other. Whenever one border router determines that the intersection between the set of reachable destinations it receives via its EBGP (from its directly connected ISP) peerings and the set of reachable destinations it receives from another border router (in the same enterprise) via IBGP is empty, the border router would start advertising to its external peer reachability to the address prefix that was allocated to the enterprise by the I5P connected to the other border router. The other border router would advertise (via IBGP) the address prefix that was allocated to the enterprise by the ISP connected to that router. This approach is known as “auto route injection”.

Question 15: Is the traffic recovery instantaneous?

Question 16 Can this method be used when the connectivity problem concern the ISP with the other ISP?

Question 17 Why this method cannot be used when the connectivity problem is located near by the site (for example, the link between the ISP and the site is down?)

Question 18 What method is currently used to allow multi-homing, why are its advantages compared to the solution we have studied.

17 thoughts on “Exercise – BGP and IGP interactions”

Question 1 What are the differences between IPv4 and IPv6 in term of multi-homing.

When this exam was written, people believed in the fact that in IPv6 each providers will allocate a different prefix and the host would get two global addresses. But this lead to some difficulty in the choice of the source address. If routing send packets to the other provider, they will be dropped due to in-gress filtering. This is still a research problem, and currently multi-homing in IPv4 and IPv6 is solved the same way using Provider Independent addresses (PI).

The rest of the exam will study if we can do multi-homing with PA (Provider aggregable) prefixes, but we will see that it is not so easy.

Question 9 Is it useful to announce the default route over the atlantic link. If the Mexican ISP is unreachable: can C join A? can A join C?

This is useless since this will also traffic to go through the other ISP to the destination, but the answer will be sent to the failing ISP and will never reach the source. C will join A but A will not be able to join C.

Question 10 What should do the company to allow full connectivity, even in case of failure of one of its ISP?

One solution is to use a private addressing pan internally and NAT the traffic with the exiting provider public address. This work well if there is no publicly accessible servers inside the company. The failure of one ISP will not be transparent since all connection will be broken

Question 13 Give a simple solution that force the traffic leaving to the Internet to go through the atlantic link only in case of failure of one ISP.

If we announce β prefix on the french ISP, the French ISP will announce a longer prefix than the mexican ISP (which is doing aggregation by announcing β–), so all the traffic will be directed to the french ISP. To avoid with both ISP should announce the same prefix length.